Solved

Connecting to SMTP Virtual Server from Internet

Posted on 2006-10-24
10
673 Views
Last Modified: 2013-11-15
Hello.

I'm going to make my SBS2003 sit in the recieving end of a SMTP store and forward chain. With my ISP using sendmail he'll collect all my mail in one place and then forward it directly to my server. Im opening port 25 in my router and pointing it at SBS2003 (1 nic no ISA) and I'm filtering IPs at the Virtual Server settings.

Before I do all this I'm testing my setup. I can use Outlook Express to send SMTP directly to the SBS inside the LAN though if I try connect from outside the LAN going via the router (using DYNDNS, and a "virtual server" port forward on port 25 on a D-Link 604 Router) it fails miserably all the time. Is there any hoops I must jump through to make this happen?

Im getting:
OE: Protokoll: SMTP, Port: 25, Secure (SSL): Nej, Socket-fel: 10053, Felnummer: 0x800CCC0F
Outlook 2003: with the "Test account"-feature I get ok on finding the server but an err on sending a testmail

0
Comment
Question by:ola_erik
  • 4
  • 3
10 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17796611
This sounds so incredibly complicated.  Why are you doing it this way?  Just because you have a Dynamic IP doesn't mean that you can't have your Exchange Server receive email directly.

Also, why are you using Outlook Express and not Outlook 2003?  Outlook Express cannot be configured with an Exchange Account.

You also would configure all of this with the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email)

A visual how-to is here:  http://sbsurl.com/ceicw and a full networking overview for SBS is at http://sbsurl.com/msicw

Within that wizard you'll see a "more information" button on each screen that has invaluable help in deciding which options to select.  
Be sure to check those out as well.

None of it should be done manually.

Please review http://sbsurl.com/pop2smtp for the steps necessary to configure Exchange for SMTP.

Jeff
TechSoEasy
0
 
LVL 3

Author Comment

by:ola_erik
ID: 17797003
Hmm you're not reading my post.

I'm using OE to test if SBS2003 virtual SMTP server is functioning. And it is, inside the LAN but not from outside, which seems pretty wierd. AFAIK it should be the same thing if auth is off in the VS and it is.

So Im guessing there is some hurdle to having SBS2003 SMTP VS accepting incoming mail and that is the question.

Lol I guess I'll try rerun some wizards before I try anything else. :-)
0
 
LVL 3

Author Comment

by:ola_erik
ID: 17797516
I've done the CEICW and forwarded my router port 25 to SBS. I assume that I can use OE (or Outlook 2003 for that matter) to test the functionality of SMTP VS over Internet as I can on the LAN.

OE briefly says. "authenticating" and then gives the error msg... :-(

I guess there is quite some difference between a SMTP server and OE and OE functionality isnt an indicator of SMTP functionalty?

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17798695
You don't need to test that the SMTP server is functioning internally.  There is no benefit in doing this.  

You should instead use something like www.mxtoolbox.com to test your SMTP availability.

You otherwise should only test your server manually with Telnet.  Follow the steps in this KB article for that:  http://support.microsoft.com/kb/153119

Jeff
TechSoEasy
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 5

Expert Comment

by:Keyguard
ID: 17800279
I shouldn't even mention this on the SBS forum but if your ISP has sendmail and is willing to do store and forward then you could just ask them to do ETRN instead - gets round the dynamic DNS issue as your server opens the connection to receive the emails from the SMTP server. Thats all much more complicated than necessary though, sort of thing Linux people do.

You're not having any luck with OE/Outlook probably because the SBS SMTP server will not relay email from a non-local address, you have to be sending it to an email address that exists on the SBS server.

Back in SBS world, do as TechSoEasy says.

Ideally get a fixed IP but I've used dynDNS with SBS before without a major problems. I'd of thought it better to get your domain host to configure your DNS MX (mail exchange) primary as the SBS server and then the secondary as your ISP for a backup. Sounds like you've configured your router fine and if you've done the CEICW then it should all work without any reconfiguration.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17800347
Actually I don't know why you would be hesitant to mention that here... ETRN is easily configured on an SBS and certainly can be.  But I just find that it's not as efficient, and generally isn't used unless the SBS has a dial-up connection.

Jeff
TechSoEasy
0
 
LVL 3

Author Comment

by:ola_erik
ID: 17802931
Hmm it seems my traffic (from home) is blocked somehow.

I port forwarded port 25 and enabled anon login on the server and had no prob telnetting from another location and sending mail thru command line (Putty to friend with ISP without any traffic blocks and telnet from there)

I still couldnt telnet to the port from home, neither to port 8025.(another p fw)..strange.

Thx for the links to the wizard info, Ive been through both them and most of the Info they point to was known to me.

I certainly hear you Jeff on the simplicity argument and Im going in that direction.

The basic issue is how safe the MS SMTP VS is and if we want it open to the world.
(I have to do IP filtered port forward on my DI-604 DLINK router, does FW-rules override port forwards and how...tadadadadaaa?) My Unix-leaning friend doesnt think we should the world see our MS SMTP VS at all since its MS and will be hacked by spammers and their like in a jiffy. Also, its a small-midsize firm and we're not there doing instant patching on the releaseday all the time etc.

Jeff, whats your experience on this. Can you shoot a few points from the hip on paranoid is it practical and relevant to be? They are on a well known ISP (scanning) but are totally off the public radar (news, politics, controversies etc).

best










0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 17819991
Tell your Unix-leaning friend that if he's going to advise you that he should use facts, not his bias.  I manage both Windows SMTP servers and Unix SMTP servers, and while I don't have the hard facts, I can tell you that my Exim servers (UNIX) get attacked 100+ times a day.  My Windows Server get's maybe 2 or 3 attempts.

And I think your reasoning is right... my UNIX servers are at a NOC (EV1 Servers), and the Windows Servers are all SBS's.

Jeff
TechSoEasy
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

VM backup deduplication is a method of reducing the amount of storage space needed to save VM backups. In most organizations, VMs contain many duplicate copies of data, such as VMs deployed from the same template, VMs with the same OS, or VMs that h…
The article will include the best Data Recovery Tools along with their Features, Capabilities, and their Download Links. Hope you’ll enjoy it and will choose the one as required by you.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now